Why it's a bad idea to enable the Copilot+ Recall feature on your Windows 11


New Copilot+ PCs are about to hit the market, and the controversial Recall feature is seemingly enabled by default. We recommend that you turn it off, for your safety and everyone else’s.

Generative AI tools are being integrated into our day-to-day lives and the services we use, whether we want them to or not. And increasingly, it seems like it’s going to be impossible to escape having an AI tool help suggest solutions for you – even at an operating system level.

At least that’s the suggestion based on early tests of Copilot+ PCs running Windows 11, which will arrive on shelves later this month. It appears that Microsoft’s Recall feature, which will use generative AI to supposedly aid users in finding documents and information they had with every interaction on their PC, could well be enabled by default.

ADVERTISEMENT

That means that it’s not only a bad idea to enable the feature, but it’s also incumbent on users to actively opt out of its operation on their computers. “It’s an act of self-harm at Microsoft in the name of AI, and by proxy real customer harm,” wrote security expert Kevin Beaumont, who claims it “fundamentally breaks the promise of security in Windows.”

What’s Recall, and why is it an issue?

Recall has proved to be a hugely controversial addition to Windows, in part because it’s presented as a positive feature while acting like spyware does – and would be classed as such if it wasn’t pegged to the generative AI revolution or given the Microsoft stamp of approval.

The tool tracks everything a user types and does on their computer, storing it in memory so it can answer questions like, for example, “In which folder did I put that Word document I worked on a week ago?”

The problem is that it’s all-seeing, which means, if cracked or hacked, it could become a goldmine for hackers.

Microsoft’s own documentation about the tool suggests that “it will not hide information such as passwords or financial account numbers” and admits “that data may be in snapshots that are stored on your device, especially when sites do not follow standard internet protocols like cloaking password entry.”

It’s yet another example of tech companies designing tools with the most innocent point of view in mind while overlooking the way in which those features can be put to nefarious use by bad actors.

“We are once again reminded of how the advancement of AI and technology features can provide great convenience at the potential cost of security,” says Douglas McKee, executive director of threat research at cybersecurity company SonicWall. “While many privacy concerns are expressed with Microsoft Recall, the real threat is the potential usage that attackers will gain out of this feature.”

ADVERTISEMENT

AI has a long memory

The trade-off between convenience and safety has long been an issue that has plagued tech users. However, when layered into technology in such a ubiquitous, all-seeing way, Recall becomes a major danger. “

While the Recall database, which contains three months of screenshots of every user action by default, is encrypted, the user will have access to it and, therefore, an attacker of a compromised system,” suggests McKee.

The system appears not to discriminate what information it holds and how securely it should hold it.

“This means if anything confidential, such as banking information, passwords, trade secrets, and medical records, is put on the screen, an attacker could see it.”

McKee admits that the tool may save time for innocent users, but would also save time for hackers as well.

“While the ability to search your usage history can provide a time saving and production increase, I advise the risk to small businesses to use this feature is too great,” he concludes.